Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/zMsB9kb8PXCP5ZzAr6qiAs0jbuQ.roa
File: zMsB9kb8PXCP5ZzAr6qiAs0jbuQ.roa (raw, json)
Hash identifier: k46lhElmW/djElcqdcL15Hz4fmztPEokPit1c7sQA/U=
Subject key identifier: CC:CB:01:F6:46:FC:3D:70:8F:E5:9C:C0:AF:AA:A2:02:CD:23:6E:E4
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 018CC8712E9B96C90ABFB2FEEC943C3D06D5
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/zMsB9kb8PXCP5ZzAr6qiAs0jbuQ.roa
Signing time: Tue 02 Jan 2024 04:31:49 +0000
ROA not before: Tue 02 Jan 2024 04:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203576
IP address blocks: 83.150.213.0/24 maxlen: 24
83.150.212.0/24 maxlen: 24
83.150.215.0/24 maxlen: 24
83.150.214.0/24 maxlen: 24
89.252.188.0/24 maxlen: 32
89.252.191.0/24 maxlen: 32
89.252.190.0/24 maxlen: 32
89.252.189.0/24 maxlen: 32
185.165.46.0/24 maxlen: 32
185.126.218.0/24 maxlen: 32
185.126.217.0/24 maxlen: 32
185.126.216.0/24 maxlen: 32
185.126.219.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:2e:9b:96:c9:0a:bf:b2:fe:ec:94:3c:3d:06:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 2 04:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cccb01f646fc3d708fe59cc0afaaa202cd236ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ad:25:ee:21:be:a4:48:44:e1:d8:8f:ea:7d:
09:d0:ff:3e:08:09:3c:5c:b8:12:2e:5b:5c:d9:37:
12:0d:df:53:9e:5f:fc:95:5d:15:a2:70:3b:2c:32:
aa:dc:23:ad:57:c4:fd:78:a6:0e:40:a3:01:b4:03:
b9:c1:20:05:ec:9b:cf:8f:5b:e8:0f:cf:d4:7e:92:
dd:f4:60:9a:44:40:a7:37:4c:73:87:24:b5:89:b7:
9d:69:24:d7:a9:d2:d7:87:ee:7e:06:fb:90:4d:f9:
65:72:56:11:78:69:e0:dc:c7:84:c7:e1:0f:d1:09:
12:db:56:4f:05:aa:f8:2f:bd:12:e9:8c:04:49:1b:
86:61:8f:6c:cf:06:d7:58:bc:a4:09:50:e1:d5:06:
c6:47:c9:1d:ea:87:e5:0b:cd:e7:a8:cd:f2:1a:25:
e6:c0:10:00:8d:c7:fd:54:de:84:fb:a2:ee:45:e9:
cb:27:ec:61:85:16:98:7b:1c:c1:3c:b6:09:eb:dc:
1e:dc:81:fa:54:34:2b:66:2d:e1:e0:16:76:58:3a:
49:4c:a8:0a:30:eb:2b:b1:9e:0f:b2:9d:dc:3b:d4:
46:84:dd:42:96:53:95:de:a8:cd:72:9f:e3:68:6f:
a8:56:5e:a3:7b:54:d6:87:68:fe:b5:9c:76:75:f6:
40:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:CB:01:F6:46:FC:3D:70:8F:E5:9C:C0:AF:AA:A2:02:CD:23:6E:E4
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/zMsB9kb8PXCP5ZzAr6qiAs0jbuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.212.0/22
89.252.188.0/22
185.126.216.0/22
185.165.46.0/24
Signature Algorithm: sha256WithRSAEncryption
93:80:e3:b6:e1:ad:11:12:de:02:a8:08:9b:38:ba:1f:52:76:
21:b7:b6:85:fd:47:87:b9:1d:e3:6f:8a:28:92:44:62:48:d4:
6b:b7:d7:51:ad:a8:4e:93:3e:1b:d8:cb:26:a2:31:ef:ca:db:
8b:da:13:e9:33:3b:97:3c:6e:44:41:14:a8:f5:f6:25:0c:a7:
9d:a1:de:45:2a:d6:e4:f2:46:15:47:54:9d:18:70:7e:da:09:
0e:8b:ee:3d:b2:e9:7e:66:01:04:3d:77:5a:8d:f8:04:89:b9:
5f:f6:14:d1:55:35:0b:fa:69:c7:dc:74:60:2c:62:fb:c9:2a:
15:73:06:8e:1e:77:5e:3d:a1:82:da:0f:c9:8b:61:d5:e1:16:
0f:20:1e:c2:26:ac:d7:14:ef:9b:76:12:a1:62:f6:56:23:97:
f9:19:b5:f9:33:5a:d1:7f:3d:40:10:0e:75:3a:ab:cb:4d:ee:
91:22:69:a1:56:10:b7:56:e9:4c:99:95:f9:8f:60:32:71:db:
6d:41:a2:38:27:9f:9f:a3:3b:f1:42:d6:e1:68:6d:a9:67:d7:
68:58:a7:5e:97:3d:f1:24:76:7f:95:23:d2:58:98:60:15:2e:
9c:74:6f:09:a1:2b:83:66:96:36:19:e3:99:43:ca:ac:fe:fc:
63:7c:c1:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcS6blskKv7L+7JQ8PQbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjQwMTAyMDQzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2NiMDFmNjQ2ZmMzZDcwOGZlNTljYzBhZmFhYTIwMmNkMjM2ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK0l7iG+pEhE4diP6n0J0P8+CAk8
XLgSLltc2TcSDd9Tnl/8lV0VonA7LDKq3COtV8T9eKYOQKMBtAO5wSAF7JvPj1vo
D8/UfpLd9GCaRECnN0xzhyS1ibedaSTXqdLXh+5+BvuQTfllclYReGng3MeEx+EP
0QkS21ZPBar4L70S6YwESRuGYY9szwbXWLykCVDh1QbGR8kd6oflC83nqM3yGiXm
wBAAjcf9VN6E+6LuRenLJ+xhhRaYexzBPLYJ69we3IH6VDQrZi3h4BZ2WDpJTKgK
MOsrsZ4Psp3cO9RGhN1CllOV3qjNcp/jaG+oVl6je1TWh2j+tZx2dfZAVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMzLAfZG/D1wj+WcwK+qogLNI27kMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvek1zQjlrYjhQWENQNVp6QXI2cWlBczBqYnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5bUAwQC
Wfy8AwQCuX7YAwQAuaUuMA0GCSqGSIb3DQEBCwUAA4IBAQCTgOO24a0REt4CqAib
OLofUnYht7aF/UeHuR3jb4ookkRiSNRrt9dRrahOkz4b2MsmojHvytuL2hPpMzuX
PG5EQRSo9fYlDKedod5FKtbk8kYVR1SdGHB+2gkOi+49sul+ZgEEPXdajfgEiblf
9hTRVTUL+mnH3HRgLGL7ySoVcwaOHndePaGC2g/Ji2HV4RYPIB7CJqzXFO+bdhKh
YvZWI5f5GbX5M1rRfz1AEA51OqvLTe6RImmhVhC3VulMmZX5j2AycdttQaI4J5+f
ozvxQtbhaG2pZ9doWKdelz3xJHZ/lSPSWJhgFS6cdG8JoSuDZpY2GeOZQ8qs/vxj
fMHL
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:03:14 2024 by rpki-client on console-ams.rpki-client.org